提交 24b44446 编写于 作者: B Bodo Möller

Comments on SSL_peek deficiencies

上级 87739b2c
......@@ -260,6 +260,9 @@ SSL_CIPHER *ssl2_get_cipher(unsigned int u)
int ssl2_pending(SSL *s)
{
/* Unlike ssl2_pending, this one probably works (if read-ahead
* is disabled), but it should be examined
* XXX */
return(s->s2->ract_data_length);
}
......
......@@ -638,10 +638,10 @@ SSL_CIPHER *ssl3_get_cipher(unsigned int u)
return(NULL);
}
/* The problem is that it may not be the correct record type */
int ssl3_pending(SSL *s)
{
return(s->s3->rrec.length);
/* The problem is that it may not be the correct record type */
return(s->s3->rrec.length); /* FIXME */
}
int ssl3_new(SSL *s)
......
......@@ -576,6 +576,13 @@ int SSL_get_read_ahead(SSL *s)
int SSL_pending(SSL *s)
{
/* SSL_pending cannot work properly if read-ahead is enabled
* (SSL_[CTX_]ctrl(..., SSL_CTRL_SET_READ_AHEAD, 1, NULL)),
* and it is impossible to fix since SSL_pending cannot report
* errors that may be observed while scanning the new data.
* (Note that SSL_pending() is often used as a boolean value,
* so we'd better not return -1.)
*/
return(s->method->ssl_pending(s));
}
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册